package com.ztjava.auth.validator;

import java.util.HashMap;
import java.util.Map;

import com.alibaba.fastjson.JSONObject;
import com.jfinal.aop.Duang;
import com.jfinal.core.Controller;
import com.jfinal.kit.HashKit;
import com.jfinal.kit.Ret;
import com.ztjava.auth.model.AuthThird;
import com.ztjava.auth.model.AuthUser;
import com.ztjava.auth.service.AuthService;
import com.ztjava.core.Constant;
import com.ztjava.core.base.BaseValidator;
import com.ztjava.core.tool.ViewTool;
import com.ztjava.core.utiliy.StringUtil;
import com.ztjava.ext.auth.annotation.UserController;
import com.ztjava.plugin.event.EventKit;
import com.ztjava.plugin.event.core.RequestEvent;
/***
 * 给接口用的
 * @author Administrator
 *
 */
public class LoginNoCaptchaValidator extends BaseValidator{
	private static AuthService authService = Duang.duang(AuthService.class);
	@Override
	protected void validate(Controller c) {
		setShortCircuit(true);
		setReturnJson(true);
		String portal = c.getClass().getAnnotation(UserController.class).portal().toUpperCase();
		validateRequiredString("username", Constant.MESSAGE, "请输入用户名！");
		validateRequiredString("password", Constant.MESSAGE, "请输入密码！");
		String username = c.getPara("username","");
		String password = c.getPara("password","");
		AuthUser authUser = null;
		//用于第三方系统全盘代理本系统，适用场合很窄。。。。有个业务需求要这样，没办法写在这里：2018.7.27
		if(ViewTool.param("AUTH_"+portal+"_THIRD_OTHER_ONOFF").equals("ON")){
			JSONObject user = new JSONObject();
			user.put("username", username);
			user.put("password", password);
			Ret result = EventKit.postRemoteOnly(ViewTool.param("AUTH_MEMBER_THIRD_OTHER_EVENT"), new RequestEvent(user));
			if(result.getStr(Constant.RESULT).equals(Constant.ERROR)){
				addError(Constant.MESSAGE,result.getStr(Constant.MESSAGE));
			}
			AuthThird authThird = authService.getThirdByCode(portal, "OTHER", username);
			Map<String,String> userMap = new HashMap<>();
			userMap.put("name", result.getStr("name"));
			userMap.put("username", username);
			userMap.put("password", password);
			authUser = authService.insertUserByThird(authThird, userMap);
		}else {
			if(username.indexOf("@")>-1){
				authUser = AuthUser.dao.findFirst("select * from "+AuthUser.tablename+" where portal=? and email=? order by id desc limit 1",portal,username);
			}else if(username.length()==11&&StringUtil.isNumeric(username)){
				authUser = AuthUser.dao.findFirst("select * from "+AuthUser.tablename+" where portal=? and phone=? order by id desc limit 1",portal,username);
			}else {
				authUser = AuthUser.dao.findFirst("select * from "+AuthUser.tablename+" where portal=? and username=? order by id desc limit 1",portal,username);
			}
			if(authUser==null){
				addError(Constant.MESSAGE,"用户名不正确！");
			}
			if(authUser.get("password")==null){
				addError(Constant.MESSAGE,"未设置密码，无法凭借密码登陆！");
			}
			if(authUser.getStr("enable_flag").equals(Constant.F)){
				addError(Constant.MESSAGE,"账号已被停用！");
			}
			
			if(!authUser.getStr("password").equals(HashKit.md5(password).toUpperCase())){
				addError(Constant.MESSAGE,"密码错误！");
			}
		}
		
		c.setAttr("authUser", authUser);
	}

}
